package com.zle.common.interceptor;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.zle.common.cstn.GlobalConstants;

public class PermissionInterceptor extends HandlerInterceptorAdapter {

	/**
	 * 免登入 免检查地址
	 * /myweb/login_show
	 * /myweb/index, /myweb/NewFile
	 */
	private List<String> uncheckUrls;

	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
		String requestUrl = request.getRequestURI();
		HttpSession session = request.getSession();
		
		if (uncheckUrls.contains(requestUrl)) {

			return true;
		}else if(requestUrl.contains("/login/")){
			
			return true;
		}else{
			if(session.getAttribute(GlobalConstants.USER_SESSION) == null){
				//当没有权限时候跳转到登陆界面
				try {
					request.getRequestDispatcher("/login/logout.action").forward(request, response);
//					response.sendRedirect(request.getContextPath() + "/login/logout.action");
					return false;
				} catch (Exception e) {
					e.printStackTrace();
				}
				//
			}
		}
		return true;
	}

	public List<String> getUncheckUrls() {
		return uncheckUrls;
	}

	public void setUncheckUrls(List<String> uncheckUrls) {
		this.uncheckUrls = uncheckUrls;
	}
}
